More Cybertheft Disclosures Coming Out Of SWIFT

More troubling revelations out of global financial messaging system SWIFT today, as disclosures are surfacing that yet more hack attacks have been discovered. These attacks have come as SWIFT has urged banks to comply with new security procedures put in place after an early 2016 hack saw $81 million disappear from the central bank of Bangladesh.

In a private letter to clients, SWIFT disclosed that new attacks — some successful — have come to light since it last updated customers on a string of attacks that occurred shortly after the Bangladesh attack.

“Customers’ environments have been compromised, and subsequent attempts (were) made to send fraudulent payment instructions,” according to a copy of the letter reviewed by Reuters. “The threat is persistent, adaptive and sophisticated — and it is here to stay.”

The letter further insinuates that attacks have been on the upswing since the Bangladesh heist — and that banks with lax security around SWIFT-enabled transfers are at particular risk.

The amount of money lost in the new attacks has not been disclosed, nor has the number of successful attacks been released. Also unknown is which banks exactly were hit — SWIFT only confirmed that the targets ranged in size and geography and used different methods for accessing SWIFT. Their common weakness was local security, which provided an exploit for hackers to enter through and send fraudulent money transfer orders.

Since the Bangladesh attack, SWIFT has pushed banking institutions to level up their security around the interbank messaging system with stronger systems for authenticating users and updates to its software for sending and receiving messages.

Compliance has been a thorny issue, however, because the nonprofit cooperative lacks regulatory authority over its members.

SWIFT told banks Tuesday that it might report them to regulators and banking partners if they fail to meet a November 19 deadline for installing the latest version of its software. The latest update contains safeguards against the current wave of attacks that is popular.

SWIFT is further trying to motivate its member banks to get on the security stick with threats to expose security issues to the public they might like to keep quiet about.

“That type of information sharing is something that no bank likes to see happen without their direct approval and involvement, because it can affect market confidence,” noted Shane Shook, an independent security consultant who advises central banks.